CAPTCHA woes

Anyone here have success with using CAPTCHA for custom forms? I am having a problem getting it to work.

So, I have set CAPTCHA up and put it in a "contact us" form. When testing the form I get a "Security key incorrect" message every time, though I am certain I am getting the key correct. However, if I click on the "generate a new code" link and then try to fill in the form, I don't have any trouble with CAPTCHA – it is accepted no problem.

Has anyone else experienced the same problem?

Matrix version 5.2.3.0.

One way this can happen is if something on your form page or its design causes the CAPTCHA key to be silently regenerated after the CAPTCHA image was sent to you, so the image no longer matches the CAPTCHA Matrix has on file (until you click on “generate a new code”).

In one case I looked at, there was an HTML “img” tag with an empty “src” attribute near the end of the page, like this:


<img src=’’>


When the browser saw the empty “src” attribute, it would try to load the form’s own URL again as an image. This new “visit” to the form caused Matrix to regenerate the CAPTCHA key, but because the form wasn’t a valid image nothing was displayed and the user didn’t notice anything.


Then, when their first submission attempt failed, they would click “generate a new code” and the second attempt would work fine (since the browser wouldn’t attempt to reload the broken “img” tag this time).


That’s just an example, of course - it’s unlikely that your case is exactly like that. However, it’s also possible to get the same effect in other ways; I think nesting or using AJAX to display another custom form in the design or elsewhere on the page can also do it.

Any chance you can use a different anti spam technique? Such as honeypot field (recommended) or reCaptcha?